Merge pull request #121 from dollarshaveclub/chart-error-fix

fix: propagate chart error

.circleci/config.yml

@@ -13,7 +13,7 @@ jobs:
       - run: go build
   test:
     docker:
-      - image: circleci/golang:1.13
+      - image: circleci/golang:1.14
       - image: postgres:9.5.9-alpine
         environment:
         - POSTGRES_USER=acyl
@@ -32,7 +32,11 @@ jobs:
       - run:
           name: Running tests
           working_directory: /go/src/github.com/dollarshaveclub/acyl
-          command: go test -cover $(go list ./... |grep -v pkg/persistence |grep -v pkg/api|grep -v pkg/locker)
+          command: go test -cover $(go list ./... |grep -v pkg/persistence |grep -v pkg/api|grep -v pkg/locker|grep -v pkg/nitro |grep -v /testing/localsecrets)
+      - run:
+          name: Running Nitro tests
+          working_directory: /go/src/github.com/dollarshaveclub/acyl/pkg/nitro
+          command: go test ./... -cover
       - run:
           name: Running DB tests
           working_directory: /go/src/github.com/dollarshaveclub/acyl/pkg/persistence

.helm/charts/acyl/templates/deployment.yaml

@@ -77,12 +77,6 @@ spec:
     {{ end }}
           - "--k8s-secret-injections"
           - "{{ .Values.app.k8s_secret_injections }}"
-          - "--failure-report-s3-region"
-          - "{{ .Values.app.failure_reports.s3.region }}"
-          - "--failure-report-s3-bucket"
-          - "{{ .Values.app.failure_reports.s3.bucket }}"
-          - "--failure-report-s3-key-prefix"
-          - "{{ .Values.app.failure_reports.s3.keyprefix }}"
           - "--k8s-group-bindings"
           - "{{ .Values.app.k8s_group_bindings }}"
           {{ if .Values.app.operation_timeout_override }}
@@ -127,16 +121,6 @@ spec:
         volumeMounts:
         env:
           {{ if .Values.app.secrets_from_env }}
-          - name: ACYL_AWS_ACCESS_KEY_ID
-            valueFrom:
-              secretKeyRef:
-                name: dummy-acyl-secrets
-                key: aws_access_key_id
-          - name: ACYL_AWS_SECRET_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: dummy-acyl-secrets
-                key: aws_secret_access_key
           - name: ACYL_GITHUB_HOOK_SECRET
             valueFrom:
               secretKeyRef:

.helm/charts/acyl/templates/dummy-secrets.yaml

@@ -4,8 +4,6 @@ kind: Secret
 metadata:
   name: dummy-acyl-secrets
 data:
-  aws_access_key_id: "YXNkZg=="
-  aws_secret_access_key: "YXNkZg=="
   github_hook_secret: "YXNkZg=="
   github_token: "YXNkZg=="
   github_app_id: "MTIzNA=="

Gopkg.toml

@@ -25,17 +25,13 @@
   name = "github.com/DataDog/datadog-go"
   version = "3.3.1"
 
-[[constraint]]
-  branch = "master"
-  name = "github.com/aws/aws-sdk-go"
-
 [[constraint]]
   branch = "master"
   name = "github.com/dollarshaveclub/furan"
 
 [[constraint]]
   name = "github.com/dollarshaveclub/metahelm"
-  version = "=0.6.1"
+  version = "=0.6.2"
 
 [[constraint]]
   name = "github.com/golang/mock"

cmd/root.go

@@ -18,8 +18,6 @@ var (
 )
 
 var vaultConfig config.VaultConfig
-var awsCreds config.AWSCreds
-var awsConfig config.AWSConfig
 var secretsConfig config.SecretsConfig
 var secretsbackend string
 var k8sClientConfig config.K8sClientConfig
@@ -42,8 +40,6 @@ func init() {
 	RootCmd.PersistentFlags().StringVar(&vaultConfig.K8sAuthPath, "vault-k8s-auth-path", "kubernetes", "Vault k8s auth path (if using k8s auth & Vault secret backend)")
 	RootCmd.PersistentFlags().StringVarP(&vaultConfig.AppID, "vault-app-id", "d", os.Getenv("APP_ID"), "Vault App-ID (if using Vault secret backend)")
 	RootCmd.PersistentFlags().StringVarP(&vaultConfig.UserIDPath, "vault-user-id-path", "e", os.Getenv("USER_ID_PATH"), "Path to file containing Vault User-ID (if using Vault secret backend)")
-	RootCmd.PersistentFlags().StringVarP(&awsConfig.Region, "aws-region", "k", "us-west-2", "AWS region")
-	RootCmd.PersistentFlags().UintVarP(&awsConfig.MaxRetries, "aws-max-retries", "l", 3, "AWS max retries per operation")
 	RootCmd.PersistentFlags().StringVar(&secretsbackend, "secrets-backend", "vault", "Secret backend (one of: vault,env)")
 	RootCmd.PersistentFlags().StringVar(&secretsConfig.Mapping, "secrets-mapping", "", "Secrets mapping template string (required)")
 	RootCmd.PersistentFlags().StringVar(&k8sClientConfig.JWTPath, "k8s-jwt-path", "/var/run/secrets/kubernetes.io/serviceaccount/token", "Path to the JWT used to authenticate the k8s client to the API server")
@@ -107,7 +103,7 @@ func getSecrets() {
 		clierr("error getting secrets client: %v", err)
 	}
 	sf := secrets.NewPVCSecretsFetcher(sc)
-	err = sf.PopulateAllSecrets(&awsCreds, &githubConfig, &slackConfig, &serverConfig, &pgConfig)
+	err = sf.PopulateAllSecrets(&githubConfig, &slackConfig, &serverConfig, &pgConfig)
 	if err != nil {
 		clierr("error getting secrets: %v", err)
 	}

cmd/server.go

@@ -8,7 +8,6 @@ import (
 	"crypto/tls"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"math/big"
 	"net/http"
@@ -50,7 +49,6 @@ var k8sGroupBindingsStr, k8sSecretsStr, k8sPrivilegedReposStr string
 
 var pgConfig config.PGConfig
 var logger *log.Logger
-var s3config config.S3Config
 var failureTemplatePath string
 var dogstatsdAddr, dogstatsdTags string
 var datadogServiceName, datadogTracingAgentAddr string
@@ -93,9 +91,6 @@ func init() {
 	serverCmd.PersistentFlags().StringVar(&k8sSecretsStr, "k8s-secret-injections", "", "optional k8s secret injections (comma-separated) for new environment namespaces in SECRET_NAME=VAULT_ID (Vault path using secrets mapping) format. Secret value in Vault must be a JSON-encoded object with two keys: 'data' (map of string to base64-encoded bytes), 'type' (string). (Nitro)")
 	serverCmd.PersistentFlags().StringVar(&k8sPrivilegedReposStr, "k8s-privileged-repo-whitelist", "dollarshaveclub/acyl", "optional comma-separated whitelist of GitHub repositories whose environment service accounts will be allowed cluster-admin privileges (Nitro)")
 	serverCmd.PersistentFlags().StringVar(&failureTemplatePath, "failure-template-path", "/opt/html/failedenv.html.tmpl", "path to HTML failure report template (if missing, failure reports will be disabled")
-	serverCmd.PersistentFlags().StringVar(&s3config.Region, "failure-report-s3-region", "us-west-2", "AWS S3 region for environment failure reports")
-	serverCmd.PersistentFlags().StringVar(&s3config.Bucket, "failure-report-s3-bucket", "", "AWS S3 bucket for environment failure reports")
-	serverCmd.PersistentFlags().StringVar(&s3config.KeyPrefix, "failure-report-s3-key-prefix", "", "AWS S3 key prefix for environment failure reports (key format: <prefix>envfailures/<timestamp>/<env name>.html)")
 	serverCmd.PersistentFlags().StringVarP(&dogstatsdAddr, "dogstatsd-addr", "q", "127.0.0.1:8125", "Address of dogstatsd for metrics")
 	serverCmd.PersistentFlags().StringVar(&dogstatsdTags, "dogstatsd-tags", "", "Comma-separated list of tags to add to dogstatsd metrics (TAG:VALUE)")
 	serverCmd.PersistentFlags().StringVar(&datadogTracingAgentAddr, "datadog-tracing-agent-addr", "127.0.0.1:8126", "Address of datadog tracing agent")
@@ -111,19 +106,6 @@ func setupServerLogger() {
 	logger = log.New(os.Stderr, "", log.LstdFlags)
 }
 
-func loadFailureTemplate(m *nitroenv.Manager) {
-	ftd, err := ioutil.ReadFile(failureTemplatePath)
-	if err != nil {
-		log.Printf("error reading failure template: %v: %v", failureTemplatePath, err)
-		s3config.Bucket = ""
-		s3config.Region = ""
-		return
-	}
-	if err := m.InitFailureTemplate(ftd); err != nil {
-		log.Fatalf("error processing failure template: %v", err)
-	}
-}
-
 func startDatadogTracer() {
 	opts := []tracer.StartOption{tracer.WithAgentAddr(datadogTracingAgentAddr)}
 	opts = append(opts, tracer.WithServiceName(datadogServiceName))
@@ -243,13 +225,10 @@ func server(cmd *cobra.Command, args []string) {
 		MG:                   mg,
 		CI:                   ci,
 		PLF:                  plf,
-		AWSCreds:             awsCreds,
-		S3Config:             s3config,
 		GlobalLimit:          serverConfig.GlobalEnvironmentLimit,
 		UIBaseURL:            serverConfig.UIBaseURL,
 	}
 	nitromgr.OperationTimeout = serverConfig.OperationTimeoutOverride // Zero means use default defined in pkg/nitro/env
-	loadFailureTemplate(nitromgr)
 	ge := ghevent.NewGitHubEventWebhook(rc, githubConfig.HookSecret, githubConfig.TypePath, dl)
 
 	if serverConfig.ReaperIntervalSecs > 0 {

pkg/config/config.go

@@ -141,20 +141,6 @@ type SlackConfig struct {
 	MapperUpdateIntervalSeconds uint
 }
 
-type AWSCreds struct {
-	AccessKeyID     string
-	SecretAccessKey string
-}
-
-type AWSConfig struct {
-	Region     string
-	MaxRetries uint
-}
-
-type S3Config struct {
-	Region, Bucket, KeyPrefix string
-}
-
 type VaultConfig struct {
 	Addr        string
 	Token       string

pkg/eventlogger/status.go

@@ -4,6 +4,7 @@ import (
 	"time"
 
 	"github.com/dollarshaveclub/acyl/pkg/models"
+	"github.com/dollarshaveclub/metahelm/pkg/metahelm"
 )
 
 // SetNewStatus creates a new empty event status of etype with only config.type, config.status and config.started set. This is intended to be called first and prior to config processing.
@@ -123,3 +124,10 @@ func (l *Logger) SetCompletedStatus(status models.EventStatus) {
 		l.Printf("error setting event status to completed: %v", err)
 	}
 }
+
+// SetFailedStatus marks the entire event as completed with a failed status. This is intended to be called once at the end of event processing.
+func (l *Logger) SetFailedStatus(ce metahelm.ChartError) {
+	if err := l.DL.SetEventStatusFailed(l.ID, ce); err != nil {
+		l.Printf("error setting event status to failed: %v", err)
+	}
+}

pkg/models/eventlogs.go

@@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/dollarshaveclub/metahelm/pkg/metahelm"
 	"github.com/google/uuid"
 	"github.com/lib/pq"
 	"github.com/pkg/errors"
@@ -140,20 +141,21 @@ type RenderedEventStatus struct {
 }
 
 type EventStatusSummaryConfig struct {
-	Type           EventStatusType          `json:"type"`
-	Status         EventStatus              `json:"status"`
-	RenderedStatus RenderedEventStatus      `json:"rendered_status"`
-	EnvName        string                   `json:"env_name"`
-	K8sNamespace   string                   `json:"k8s_ns"`
-	TriggeringRepo string                   `json:"triggering_repo"`
-	PullRequest    uint                     `json:"pull_request"`
-	GitHubUser     string                   `json:"github_user"`
-	Branch         string                   `json:"branch"`
-	Revision       string                   `json:"revision"`
-	ProcessingTime ConfigProcessingDuration `json:"processing_time"`
-	Started        time.Time                `json:"started"`
-	Completed      time.Time                `json:"completed"`
-	RefMap         map[string]string        `json:"ref_map"`
+	Type            EventStatusType          `json:"type"`
+	Status          EventStatus              `json:"status"`
+	RenderedStatus  RenderedEventStatus      `json:"rendered_status"`
+	FailedResources metahelm.ChartError      `json:"failed_resources"`
+	EnvName         string                   `json:"env_name"`
+	K8sNamespace    string                   `json:"k8s_ns"`
+	TriggeringRepo  string                   `json:"triggering_repo"`
+	PullRequest     uint                     `json:"pull_request"`
+	GitHubUser      string                   `json:"github_user"`
+	Branch          string                   `json:"branch"`
+	Revision        string                   `json:"revision"`
+	ProcessingTime  ConfigProcessingDuration `json:"processing_time"`
+	Started         time.Time                `json:"started"`
+	Completed       time.Time                `json:"completed"`
+	RefMap          map[string]string        `json:"ref_map"`
 }
 
 type EventStatusTreeNodeImage struct {